cryptpad/lib/env.js

/* jshint esversion: 6 */
/* globals process */

const Crypto = require('crypto');
const WriteQueue = require("./write-queue");
const BatchRead = require("./batch-read");

const Keys = require("./keys");
const Core = require("./commands/core");

const Quota = require("./commands/quota");
const Util = require("./common-util");
const Package = require("../package.json");

var canonicalizeOrigin = function (s) {
    if (typeof(s) === 'undefined') { return; }
    return (s || '').trim().replace(/\/+$/, '');
};

var isValidPort = function (p) {
    return typeof(p) === 'number' && p < 65535;
};

module.exports.create = function (config) {
    const Env = {
        version: Package.version,
        installMethod: config.installMethod || undefined,

        httpUnsafeOrigin: canonicalizeOrigin(config.httpUnsafeOrigin),
        httpSafeOrigin: canonicalizeOrigin(config.httpSafeOrigin),
        removeDonateButton: config.removeDonateButton,
        httpPort: isValidPort(config.httpPort)? config.httpPort: 3000,
        httpAddress: typeof(config.httpAddress) === 'string'? config.httpAddress: '127.0.0.1',
        websocketPath: config.externalWebsocketURL,

        OFFLINE_MODE: false,
        FRESH_KEY: '',
        FRESH_MODE: true,
        DEV_MODE: false,
        configCache: {},
        broadcastCache: {},
        flushCache: function () {
            Env.configCache = {};
            Env.broadcastCache = {};
            Env.FRESH_KEY = +new Date();
            if (!(Env.DEV_MODE || Env.FRESH_MODE)) { Env.FRESH_MODE = true; }
            if (!Env.Log) { return; }
            Env.Log.info("UPDATING_FRESH_KEY", Env.FRESH_KEY);
        },

        Log: undefined,
        // store
        id: Crypto.randomBytes(8).toString('hex'),

        launchTime: +new Date(),

        inactiveTime: config.inactiveTime,
        archiveRetentionTime: config.archiveRetentionTime,
        accountRetentionTime: config.accountRetentionTime,

    // TODO implement mutability
        adminEmail: config.adminEmail,
        supportMailbox: config.supportMailboxPublicKey,

        metadata_cache: {},
        channel_cache: {},
        cache_checks: {},

        queueStorage: WriteQueue(),
        queueDeletes: WriteQueue(),
        queueValidation: WriteQueue(),
        queueMetadata: WriteQueue(),

        batchIndexReads: BatchRead("HK_GET_INDEX"),
        batchMetadata: BatchRead('GET_METADATA'),
        batchRegisteredUsers: BatchRead("GET_REGISTERED_USERS"),
        batchDiskUsage: BatchRead('GET_DISK_USAGE'),
        batchUserPins: BatchRead('LOAD_USER_PINS'),
        batchTotalSize: BatchRead('GET_TOTAL_SIZE'),
        batchAccountQuery: BatchRead("QUERY_ACCOUNT_SERVER"),

        intervals: {},
        maxUploadSize: config.maxUploadSize || (20 * 1024 * 1024),
        premiumUploadSize: false, // overridden below...
        Sessions: {},
        paths: {},
        //msgStore: config.store,

        // /api/broadcast
        lastBroadcastHash: '',
        surveyURL: undefined,
        maintenance: undefined,

        netfluxUsers: {},

        pinStore: undefined,

        limits: {},
        admins: [],
        WARN: function (e, output) { // TODO deprecate this
            if (!Env.Log) { return; }
            if (e && output) {
                Env.Log.warn(e, {
                    output: output,
                    message: String(e),
                    stack: new Error(e).stack,
                });
            }
        },

/*  FIXME restrictRegistration is initialized as false and then overridden by admin decree
    There is a narrow window in which someone could register before the server updates this value.
    See also the cached 'restrictRegistration' value in server.js#serveConfig
*/
        restrictRegistration: false,
        allowSubscriptions: config.allowSubscriptions === true,
        blockDailyCheck: config.blockDailyCheck === true,

        consentToContact: false,
        listMyInstance: false,
        provideAggregateStatistics: false,
        updateAvailable: undefined,

        myDomain: config.myDomain,
        mySubdomain: config.mySubdomain, // only exists for the accounts integration
        customLimits: {},
        // FIXME this attribute isn't in the default conf
        // but it is referenced in Quota
        domain: config.domain,

        maxWorkers: config.maxWorkers,
        disableIntegratedTasks: config.disableIntegratedTasks || false,
        disableIntegratedEviction: typeof(config.disableIntegratedEviction) === 'undefined'? true: config.disableIntegratedEviction, // XXX 4.11.0 false,
        lastEviction: +new Date(),
        evictionReport: {},
        commandTimers: {},
    };

    (function () {
    // mode can be FRESH (default), DEV, or PACKAGE
        if (process.env.PACKAGE) {
        // `PACKAGE=1 node server` uses the version string from package.json as the cache string
            //console.log("PACKAGE MODE ENABLED");
            Env.FRESH_MODE = false;
            Env.DEV_MODE = false;
        } else if (process.env.DEV) {
        // `DEV=1 node server` will use a random cache string on every page reload
            //console.log("DEV MODE ENABLED");
            Env.FRESH_MODE = false;
            Env.DEV_MODE = true;
        } else {
        // `FRESH=1 node server` will set a random cache string when the server is launched
        // and use it for the process lifetime or until it is reset from the admin panel
            //console.log("FRESH MODE ENABLED");
            Env.FRESH_KEY = +new Date();
        }

        // Offline mode is mostly for development. It lets us test clientside cache and offline support
        if (process.env.OFFLINE) { Env.OFFLINE_MODE = true; }
    }());

    Env.checkCache = function (channel) {
        var f = Env.cache_checks[channel] || Util.throttle(function () {
            delete Env.cache_checks[channel];
            if (Env.channel_cache[channel]) { return; }
            delete Env.metadata_cache[channel];
        }, 30000);
        f();
    };

    (function () {
        var custom = config.customLimits;
        if (!custom) { return; }

        var stored = Env.customLimits;

        Object.keys(custom).forEach(function (k) {
            var unsafeKey = Keys.canonicalize(k);

            if (!unsafeKey) {
                console.log("INVALID_CUSTOM_LIMIT_ID", {
                    message: "A custom quota upgrade was provided via your config with an invalid identifier. It will be ignored.",
                    key: k,
                    value: custom[k],
                });
                return;
            }

            if (stored[unsafeKey]) {
                console.log("INVALID_CUSTOM_LIMIT_DUPLICATED", {
                    message: "A duplicated custom quota upgrade was provided via your config which would have overridden an existing value. It will be ignored.",
                    key: k,
                    value: custom[k],
                });
                return;
            }

            if (!Quota.isValidLimit(custom[k])) {
                console.log("INVALID_CUSTOM_LIMIT_VALUE", {
                    message: "A custom quota upgrade was provided via your config with an invalid value. It will be ignored.",
                    key: k,
                    value: custom[k],
                });
                return;
            }

            var limit = stored[unsafeKey] = Util.clone(custom[k]);
            limit.origin = 'config';
        });
    }());

    (function () {
        var pes = config.premiumUploadSize;
        if (!isNaN(pes) && pes >= Env.maxUploadSize) {
            Env.premiumUploadSize = pes;
        }
    }());

    var paths = Env.paths;

    var keyOrDefaultString = function (key, def) {
        return typeof(config[key]) === 'string'? config[key]: def;
    };

    paths.pin = keyOrDefaultString('pinPath', './pins');
    paths.block = keyOrDefaultString('blockPath', './block');
    paths.data = keyOrDefaultString('filePath', './datastore');
    paths.staging = keyOrDefaultString('blobStagingPath', './blobstage');
    paths.blob = keyOrDefaultString('blobPath', './blob');
    paths.decree = keyOrDefaultString('decreePath', './data/');
    paths.archive = keyOrDefaultString('archivePath', './data/archive');
    paths.task = keyOrDefaultString('taskPath', './tasks');

    Env.defaultStorageLimit = typeof(config.defaultStorageLimit) === 'number' && config.defaultStorageLimit >= 0?
        config.defaultStorageLimit:
        Core.DEFAULT_LIMIT;

    try {
        Env.admins = (config.adminKeys || []).map(function (k) {
            try {
                return Keys.canonicalize(k);
            } catch (err) {
                return;
            }
        }).filter(Boolean);
    } catch (e) {
        console.error("Can't parse admin keys. Please update or fix your config.js file!");
    }

    return Env;
};
initialize Env from server and deduplicate several attributes 2020-10-12 20:09:53 +08:00			`/* jshint esversion: 6 */`
			`/* globals process */`

			`const Crypto = require('crypto');`
			`const WriteQueue = require("./write-queue");`
			`const BatchRead = require("./batch-read");`

			`const Keys = require("./keys");`
			`const Core = require("./commands/core");`

			`const Quota = require("./commands/quota");`
			`const Util = require("./common-util");`
include instance version in Env 2021-06-09 21:13:31 +08:00			`const Package = require("../package.json");`
initialize Env from server and deduplicate several attributes 2020-10-12 20:09:53 +08:00
WIP admin 'network' panel 2021-06-08 22:54:30 +08:00			`var canonicalizeOrigin = function (s) {`
			`if (typeof(s) === 'undefined') { return; }`
			`return (s \|\| '').trim().replace(/\/+$/, '');`
			`};`
initialize Env from server and deduplicate several attributes 2020-10-12 20:09:53 +08:00
adjust CSP headers for printing from OnlyOffice * allow outer to load resources from the sandbox (for fonts) * test whether the expected CSP values are present on the checkup page * simplify the nodejs server a bit 2021-10-19 16:52:06 +08:00			`var isValidPort = function (p) {`
			`return typeof(p) === 'number' && p < 65535;`
			`};`

WIP admin 'network' panel 2021-06-08 22:54:30 +08:00			`module.exports.create = function (config) {`
initialize Env from server and deduplicate several attributes 2020-10-12 20:09:53 +08:00			`const Env = {`
include instance version in Env 2021-06-09 21:13:31 +08:00			`version: Package.version,`
provide installMethod detail in server telemetry 2021-06-22 18:46:32 +08:00			`installMethod: config.installMethod \|\| undefined,`
include instance version in Env 2021-06-09 21:13:31 +08:00
WIP admin 'network' panel 2021-06-08 22:54:30 +08:00			`httpUnsafeOrigin: canonicalizeOrigin(config.httpUnsafeOrigin),`
			`httpSafeOrigin: canonicalizeOrigin(config.httpSafeOrigin),`
			`removeDonateButton: config.removeDonateButton,`
adjust CSP headers for printing from OnlyOffice * allow outer to load resources from the sandbox (for fonts) * test whether the expected CSP values are present on the checkup page * simplify the nodejs server a bit 2021-10-19 16:52:06 +08:00			`httpPort: isValidPort(config.httpPort)? config.httpPort: 3000,`
			`httpAddress: typeof(config.httpAddress) === 'string'? config.httpAddress: '127.0.0.1',`
			`websocketPath: config.externalWebsocketURL,`
WIP admin 'network' panel 2021-06-08 22:54:30 +08:00
implement server offline mode (no ws) 2021-01-08 17:19:04 +08:00			`OFFLINE_MODE: false,`
initialize Env from server and deduplicate several attributes 2020-10-12 20:09:53 +08:00			`FRESH_KEY: '',`
			`FRESH_MODE: true,`
			`DEV_MODE: false,`
			`configCache: {},`
Add /api/broadcast and improve message deletion 2021-03-12 19:46:11 +08:00			`broadcastCache: {},`
initialize Env from server and deduplicate several attributes 2020-10-12 20:09:53 +08:00			`flushCache: function () {`
			`Env.configCache = {};`
Add /api/broadcast and improve message deletion 2021-03-12 19:46:11 +08:00			`Env.broadcastCache = {};`
initialize Env from server and deduplicate several attributes 2020-10-12 20:09:53 +08:00			`Env.FRESH_KEY = +new Date();`
			`if (!(Env.DEV_MODE \|\| Env.FRESH_MODE)) { Env.FRESH_MODE = true; }`
			`if (!Env.Log) { return; }`
			`Env.Log.info("UPDATING_FRESH_KEY", Env.FRESH_KEY);`
			`},`

			`Log: undefined,`
			`// store`
			`id: Crypto.randomBytes(8).toString('hex'),`

			`launchTime: +new Date(),`

			`inactiveTime: config.inactiveTime,`
			`archiveRetentionTime: config.archiveRetentionTime,`
			`accountRetentionTime: config.accountRetentionTime,`

			`// TODO implement mutability`
			`adminEmail: config.adminEmail,`
			`supportMailbox: config.supportMailboxPublicKey,`

			`metadata_cache: {},`
			`channel_cache: {},`
briefly cache server metadata in-memory to avoid repeated reads 2020-12-08 19:04:28 +08:00			`cache_checks: {},`

initialize Env from server and deduplicate several attributes 2020-10-12 20:09:53 +08:00			`queueStorage: WriteQueue(),`
			`queueDeletes: WriteQueue(),`
			`queueValidation: WriteQueue(),`
move some implictly global state to env.js 2020-10-27 15:17:15 +08:00			`queueMetadata: WriteQueue(),`
initialize Env from server and deduplicate several attributes 2020-10-12 20:09:53 +08:00
			`batchIndexReads: BatchRead("HK_GET_INDEX"),`
			`batchMetadata: BatchRead('GET_METADATA'),`
			`batchRegisteredUsers: BatchRead("GET_REGISTERED_USERS"),`
			`batchDiskUsage: BatchRead('GET_DISK_USAGE'),`
			`batchUserPins: BatchRead('LOAD_USER_PINS'),`
			`batchTotalSize: BatchRead('GET_TOTAL_SIZE'),`
			`batchAccountQuery: BatchRead("QUERY_ACCOUNT_SERVER"),`

			`intervals: {},`
			`maxUploadSize: config.maxUploadSize \|\| (20 * 1024 * 1024),`
			`premiumUploadSize: false, // overridden below...`
			`Sessions: {},`
			`paths: {},`
			`//msgStore: config.store,`

Major broadcast refactoring 2021-03-17 00:00:23 +08:00			`// /api/broadcast`
Add /api/broadcast and improve message deletion 2021-03-12 19:46:11 +08:00			`lastBroadcastHash: '',`
Major broadcast refactoring 2021-03-17 00:00:23 +08:00			`surveyURL: undefined,`
Broadcast update 2021-03-30 23:41:12 +08:00			`maintenance: undefined,`
Add /api/broadcast and improve message deletion 2021-03-12 19:46:11 +08:00
initialize Env from server and deduplicate several attributes 2020-10-12 20:09:53 +08:00			`netfluxUsers: {},`

			`pinStore: undefined,`

			`limits: {},`
			`admins: [],`
			`WARN: function (e, output) { // TODO deprecate this`
			`if (!Env.Log) { return; }`
			`if (e && output) {`
			`Env.Log.warn(e, {`
			`output: output,`
			`message: String(e),`
			`stack: new Error(e).stack,`
			`});`
			`}`
			`},`

leave some notes about a minor race condition 2021-05-05 14:37:45 +08:00			`/* FIXME restrictRegistration is initialized as false and then overridden by admin decree`
			`There is a narrow window in which someone could register before the server updates this value.`
			`See also the cached 'restrictRegistration' value in server.js#serveConfig`
			`*/`
WIP restrict registration 2021-04-26 21:01:33 +08:00			`restrictRegistration: false,`
initialize Env from server and deduplicate several attributes 2020-10-12 20:09:53 +08:00			`allowSubscriptions: config.allowSubscriptions === true,`
			`blockDailyCheck: config.blockDailyCheck === true,`

WIP admin 'network' panel 2021-06-08 22:54:30 +08:00			`consentToContact: false,`
			`listMyInstance: false,`
			`provideAggregateStatistics: false,`
detect new versions in server telemetry responses 2021-06-10 23:26:12 +08:00			`updateAvailable: undefined,`
WIP admin 'network' panel 2021-06-08 22:54:30 +08:00
initialize Env from server and deduplicate several attributes 2020-10-12 20:09:53 +08:00			`myDomain: config.myDomain,`
			`mySubdomain: config.mySubdomain, // only exists for the accounts integration`
			`customLimits: {},`
			`// FIXME this attribute isn't in the default conf`
			`// but it is referenced in Quota`
			`domain: config.domain,`

			`maxWorkers: config.maxWorkers,`
			`disableIntegratedTasks: config.disableIntegratedTasks \|\| false,`
delay working on some flagged issues till next release 2021-08-16 21:02:34 +08:00			`disableIntegratedEviction: typeof(config.disableIntegratedEviction) === 'undefined'? true: config.disableIntegratedEviction, // XXX 4.11.0 false,`
initialize Env from server and deduplicate several attributes 2020-10-12 20:09:53 +08:00			`lastEviction: +new Date(),`
Fix some bugs with integrated eviction 1. implement SET_LAST_EVICTION as an admin command, not a decree 2. expect a return value from Env.evictInactive and expose it via Env.evictionReport 2020-10-15 15:41:09 +08:00			`evictionReport: {},`
profile worker commands by total running time in seconds 2020-12-08 13:14:46 +08:00			`commandTimers: {},`
initialize Env from server and deduplicate several attributes 2020-10-12 20:09:53 +08:00			`};`

			`(function () {`
stop logging dev/fresh mode 2020-10-12 21:49:57 +08:00			`// mode can be FRESH (default), DEV, or PACKAGE`
initialize Env from server and deduplicate several attributes 2020-10-12 20:09:53 +08:00			`if (process.env.PACKAGE) {`
			// `PACKAGE=1 node server` uses the version string from package.json as the cache string
stop logging dev/fresh mode 2020-10-12 21:49:57 +08:00			`//console.log("PACKAGE MODE ENABLED");`
initialize Env from server and deduplicate several attributes 2020-10-12 20:09:53 +08:00			`Env.FRESH_MODE = false;`
			`Env.DEV_MODE = false;`
			`} else if (process.env.DEV) {`
			// `DEV=1 node server` will use a random cache string on every page reload
stop logging dev/fresh mode 2020-10-12 21:49:57 +08:00			`//console.log("DEV MODE ENABLED");`
initialize Env from server and deduplicate several attributes 2020-10-12 20:09:53 +08:00			`Env.FRESH_MODE = false;`
			`Env.DEV_MODE = true;`
			`} else {`
			// `FRESH=1 node server` will set a random cache string when the server is launched
			`// and use it for the process lifetime or until it is reset from the admin panel`
stop logging dev/fresh mode 2020-10-12 21:49:57 +08:00			`//console.log("FRESH MODE ENABLED");`
initialize Env from server and deduplicate several attributes 2020-10-12 20:09:53 +08:00			`Env.FRESH_KEY = +new Date();`
			`}`
implement server offline mode (no ws) 2021-01-08 17:19:04 +08:00
			`// Offline mode is mostly for development. It lets us test clientside cache and offline support`
			`if (process.env.OFFLINE) { Env.OFFLINE_MODE = true; }`
initialize Env from server and deduplicate several attributes 2020-10-12 20:09:53 +08:00			`}());`

briefly cache server metadata in-memory to avoid repeated reads 2020-12-08 19:04:28 +08:00			`Env.checkCache = function (channel) {`
			`var f = Env.cache_checks[channel] \|\| Util.throttle(function () {`
always delete the throttled cleanup functions once they have run 2020-12-08 19:20:37 +08:00			`delete Env.cache_checks[channel];`
briefly cache server metadata in-memory to avoid repeated reads 2020-12-08 19:04:28 +08:00			`if (Env.channel_cache[channel]) { return; }`
			`delete Env.metadata_cache[channel];`
			`}, 30000);`
			`f();`
			`};`
initialize Env from server and deduplicate several attributes 2020-10-12 20:09:53 +08:00
			`(function () {`
			`var custom = config.customLimits;`
			`if (!custom) { return; }`

			`var stored = Env.customLimits;`

			`Object.keys(custom).forEach(function (k) {`
			`var unsafeKey = Keys.canonicalize(k);`

			`if (!unsafeKey) {`
			`console.log("INVALID_CUSTOM_LIMIT_ID", {`
			`message: "A custom quota upgrade was provided via your config with an invalid identifier. It will be ignored.",`
			`key: k,`
			`value: custom[k],`
			`});`
			`return;`
			`}`

			`if (stored[unsafeKey]) {`
			`console.log("INVALID_CUSTOM_LIMIT_DUPLICATED", {`
			`message: "A duplicated custom quota upgrade was provided via your config which would have overridden an existing value. It will be ignored.",`
			`key: k,`
			`value: custom[k],`
			`});`
			`return;`
			`}`

			`if (!Quota.isValidLimit(custom[k])) {`
			`console.log("INVALID_CUSTOM_LIMIT_VALUE", {`
			`message: "A custom quota upgrade was provided via your config with an invalid value. It will be ignored.",`
			`key: k,`
			`value: custom[k],`
			`});`
			`return;`
			`}`

			`var limit = stored[unsafeKey] = Util.clone(custom[k]);`
			`limit.origin = 'config';`
			`});`
			`}());`

			`(function () {`
			`var pes = config.premiumUploadSize;`
			`if (!isNaN(pes) && pes >= Env.maxUploadSize) {`
			`Env.premiumUploadSize = pes;`
			`}`
			`}());`

			`var paths = Env.paths;`

			`var keyOrDefaultString = function (key, def) {`
			`return typeof(config[key]) === 'string'? config[key]: def;`
			`};`

			`paths.pin = keyOrDefaultString('pinPath', './pins');`
			`paths.block = keyOrDefaultString('blockPath', './block');`
			`paths.data = keyOrDefaultString('filePath', './datastore');`
			`paths.staging = keyOrDefaultString('blobStagingPath', './blobstage');`
			`paths.blob = keyOrDefaultString('blobPath', './blob');`
			`paths.decree = keyOrDefaultString('decreePath', './data/');`
			`paths.archive = keyOrDefaultString('archivePath', './data/archive');`
			`paths.task = keyOrDefaultString('taskPath', './tasks');`

			`Env.defaultStorageLimit = typeof(config.defaultStorageLimit) === 'number' && config.defaultStorageLimit >= 0?`
			`config.defaultStorageLimit:`
			`Core.DEFAULT_LIMIT;`

			`try {`
			`Env.admins = (config.adminKeys \|\| []).map(function (k) {`
			`try {`
			`return Keys.canonicalize(k);`
			`} catch (err) {`
			`return;`
			`}`
			`}).filter(Boolean);`
			`} catch (e) {`
			`console.error("Can't parse admin keys. Please update or fix your config.js file!");`
			`}`

			`return Env;`
			`};`